Introduction to network interfaces

Each network interface in a system corresponds to a path through which
messages may be sent and received. A network interface usually has a
hardware device associated with it, though certain interfaces such as the
loopback interface, lo(4), do not.

A network interface is similar to a device interface. Network interfaces
comprise the lowest layer of the networking subsystem, interacting with
the actual transport hardware. An interface may support one or more
protocol families and/or address formats. The SYNOPSIS section of each
network interface entry gives a sample specification of the related
drivers for use in providing a system description to the config(8)
program. The DIAGNOSTICS section lists messages which may appear on the
console and/or in the system error log, /var/log/messages (see
syslogd(8)), due to errors in device operation.

A hardware device is identified to the system at configuration time and
the appropriate device or network interface driver is then compiled into
the system.
When the resultant system is booted, the autoconfiguration
facilities in the system probe for the device and, if found, enable the
software support for it. If a device does not respond at
autoconfiguration time it is not accessible at any time afterwards. To
enable a device which did not autoconfigure, the system will have to be
rebooted.

When OpenBSD bootstraps it probes the innards of the machine on which it
is running and locates controllers, drives, and other devices, printing
out what it finds on the console. This procedure is driven by a system
configuration table which is processed by config(8) and compiled into
each kernel. Devices which exist in the machine but are not configured
into the kernel are usually not detected.

Media Independent Interface is an IEEE standard serial bus for connecting
MACs (network controllers) to PHYs (physical media interfaces). The mii
layer allows network device drivers to share support code for various PHY
models, and allows unused support for PHYs which are not present in a
system to be removed from the kernel.
Network device drivers which use the mii layer carry the ``mii''
autoconfiguration attribute. This allows kernel configuration files to
simply specify PHYs as described above in SYNOPSIS.
The following is an example of the messages displayed when a network
interface with an attached PHY is detected by the kernel:

      hme0 at sbus0 slot 1 offset 0x8c00000 pri 7: address 08:00:20:22:86:b8 rev 34
      nsphy0 at hme0 phy 1: DP83840 10/100 PHY, rev. 1

ifconfig(8) can be used to display the media types supported by the PHY.
These media types are valid media keywords for use with the ifconfig(8)
program.

Configuring a network interface

The hostname.* files contain information regarding the configuration of
each network interface. One file should exist for each interface that is
to be configured, such as hostname.fxp0 or hostname.bridge0. A
configuration file is not needed for lo0.
The configuration information is expressed in a line-by-line packed
format which makes the most common cases simpler; those dense formats are
described below. Any lines not matching these packed formats are passed
directly to ifconfig(8). The packed formats are converted using a
somewhat inflexible parser and the administrator should not expect magic
-- if in doubt study ifconfig(8) and the per-driver manual pages to see
what arguments are permitted.
Arguments containing either whitespace or single quote characters must be
double quoted. For example:

      inet 10.0.0.1 255.255.255.0 10.0.0.255 description "Bob's uplink"

Initializing a network interface

netstart is the command script that is invoked by rc(8) during an
automatic reboot and after single user mode is exited; it performs
network initialization.
The netstart script can also be used to start newly created bridges or
interfaces, or reset existing interfaces to their default state. The
behaviour of this script is (or can be) controlled to some extent by
variables defined in rc.conf(8), which specifies which daemons and
services are to be run.
During the system boot, netstart is executed. netstart performs the
following operations, in the sequence given:

   o   Set the machine's name.
   o   Configure the loopback interface.
   o   Configure all the physical interfaces.
   o   Configure the following non-physical interfaces: trunk(4),
       vlan(4), pfsync(4), and carp(4).
   o   Initialize the routing table and set up the default routes.
   o   Configure the remaining non-physical interfaces: pppoe(4),
       gif(4), and gre(4).
   o   Configure all bridge(4) interfaces.

After the system is completely initialized, it is possible to start a
newly created interface or bridge(4), or reset an existing interface to
its default state, by invoking the following, where foo0 is the interface
or bridge name:

      # sh /etc/netstart foo0

- All interfaces are members of the all interface group.
- Cloned interfaces are members of their interface family group. For
  example, a PPP interface such as ppp0 is a member of the ppp interface
  family group.
- pppx(4) interfaces are members of the pppx interface group.
- The interface(s) the default route(s) point to are members of the
  egress interface group.
- IEEE 802.11 wireless interfaces are members of the wlan interface
  group.
- Any interfaces used for network booting are members of the netboot
  interface group.

Protocol families

inet

The Internet protocol family is a collection of protocols layered atop
the Internet Protocol (IP) transport layer, and utilizing the Internet
address format. The Internet family provides protocol support for the
SOCK_STREAM, SOCK_DGRAM, and SOCK_RAW socket types; the SOCK_RAW
interface provides access to the IP protocol.
The Internet protocol family is comprised of the IP transport protocol,
Internet Control Message Protocol (ICMP), Transmission Control Protocol
(TCP), and User Datagram Protocol (UDP). TCP is used to support the
SOCK_STREAM abstraction while UDP is used to support the SOCK_DGRAM
abstraction. A raw interface to IP is available by creating an Internet
socket of type SOCK_RAW. The ICMP message protocol is accessible from a
raw socket.

inet6

The inet6 family is an updated version of the inet(4) family. While
inet(4) implements Internet Protocol version 4, inet6 implements Internet
Protocol version 6.
inet6 is a collection of protocols layered atop the Internet Protocol
version 6 (IPv6) transport layer, and utilizing the IPv6 address format.
The inet6 family provides protocol support for the SOCK_STREAM,
SOCK_DGRAM, and SOCK_RAW socket types; the SOCK_RAW interface provides
access to the IPv6 protocol.
The inet6 family is comprised of the IPv6 network protocol, Internet
Control Message Protocol version 6 (ICMPv6), Transmission Control
Protocol (TCP), and User Datagram Protocol (UDP). TCP is used to support
the SOCK_STREAM abstraction while UDP is used to support the SOCK_DGRAM
abstraction. Note that TCP and UDP are common to inet(4) and inet6. A
raw interface to IPv6 is available by creating an Internet socket of type
SOCK_RAW. The ICMPv6 message protocol is accessible from a raw socket.

Interaction between inet and inet6

Interaction between IPv4/v6 sockets
OpenBSD does not route IPv4 traffic to an AF_INET6 socket, for security
reasons. If both IPv4 and IPv6 traffic need to be accepted, listen on
two sockets.
The behavior of AF_INET6 TCP/UDP sockets is documented in RFC 2553.
Basically, it says the following:

   o   A specific bind to an AF_INET6 socket (bind(2) with address
       specified) should accept IPv6 traffic to that address only.
   o   If a wildcard bind is performed on an AF_INET6 socket (bind(2) to
       IPv6 address ::), and there is no wildcard bind AF_INET socket on
       that TCP/UDP port, IPv6 traffic as well as IPv4 traffic should be
       routed to that AF_INET6 socket. IPv4 traffic should be seen as if
       it came from an IPv6 address like ::ffff:10.1.1.1. This is called
       an IPv4 mapped address.
   o   If there are both a wildcard bind AF_INET socket and a wildcard
       bind AF_INET6 socket on one TCP/UDP port, they should behave
       separately. IPv4 traffic should be routed to the AF_INET socket
       and IPv6 should be routed to the AF_INET6 socket.

However, RFC 2553 does not define the constraint between the order of
bind(2), nor how IPv4 TCP/UDP port numbers and IPv6 TCP/UDP port numbers
relate to each other (should they be integrated or separated).
Implemented behavior is very different from kernel to kernel. Therefore,
it is unwise to rely too much upon the behavior of AF_INET6 wildcard bind
socket. It is recommended to listen to two sockets, one for AF_INET and
another for AF_INET6, if both IPv4 and IPv6 traffic are to be accepted.
It should also be noted that malicious parties can take advantage of the
complexity presented above, and are able to bypass access control, if the
target node routes IPv4 traffic to AF_INET6 socket. Caution should be
taken when handling connections from IPv4 mapped addresses to AF_INET6
sockets.
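
The two-listener recommendation and the mapped-address caution above, as an added C example (not taken from the OpenBSD manual pages). The function names listen_family() and peer_is_v4mapped() are hypothetical; the socket calls and IN6_IS_ADDR_V4MAPPED are the standard ones.

```c
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper: open one wildcard TCP listener for AF_INET or
 * AF_INET6. A dual-stack server calls it once per family. */
int listen_family(int family, unsigned short port)
{
    struct sockaddr_storage ss;
    socklen_t len;
    int on = 1, s = socket(family, SOCK_STREAM, 0);

    if (s == -1)
        return -1;
    memset(&ss, 0, sizeof(ss));
    if (family == AF_INET6) {
        struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&ss;
        sin6->sin6_family = AF_INET6;
        sin6->sin6_port = htons(port);
        sin6->sin6_addr = in6addr_any;
        len = sizeof(*sin6);
        /* Never accept IPv4 as ::ffff:a.b.c.d, whatever the kernel default. */
        if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) == -1)
            goto fail;
    } else {
        struct sockaddr_in *sin = (struct sockaddr_in *)&ss;
        sin->sin_family = AF_INET;
        sin->sin_port = htons(port);
        sin->sin_addr.s_addr = htonl(INADDR_ANY);
        len = sizeof(*sin);
    }
    if (bind(s, (struct sockaddr *)&ss, len) == -1 || listen(s, 16) == -1)
        goto fail;
    return s;
fail:
    close(s);
    return -1;
}

/* Hypothetical check for a peer address returned by accept(2): 1 means the
 * peer is IPv4-mapped and must not be matched against IPv6 access rules. */
int peer_is_v4mapped(const struct sockaddr *sa)
{
    const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa;

    if (sa->sa_family != AF_INET6)
        return 0;
    return IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr) ? 1 : 0;
}
```

A server that still sees a mapped peer on its AF_INET6 listener should refuse the connection or evaluate it against its IPv4 rules.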

ifconfig [-AaC] [interface] [address_family] [address [dest_address]]
[parameters]
The following parameters may be set with ifconfig:
delete Remove the specified network address, including any
netmask or destination address configured with this
address.

Troubleshooting

fstat

fstat identifies open files. A file is considered open by a process if
it was explicitly opened, is the working directory, root directory,
active pure text, or kernel trace file for that process. If no options
are specified, fstat reports on all open files in the system.

route

route is a utility used to manually view and manipulate the network
routing tables. Except for setting up the default route, it normally is
not needed to manipulate routes, as a system routing table management
daemon, such as routed(8), ospfd(8), or bgpd(8), should tend to this task.
route can be used to modify nearly any aspect of the routing policy,
except packet forwarding, which can be manipulated through the sysctl(8)
command.
The route utility provides several commands:

   add       Add a route.
   change    Change aspects of a route (such as its gateway).
   delete    Delete a specific route.
   flush     Remove all routes.
   get       Lookup and display the route for a destination.
   monitor   Continuously report any changes to the routing information
             base, routing lookup misses, or suspected network
             partitionings.
   show      Print out the route table similar to "netstat -r" (see
             netstat(1)).

interfaces

-i      Show the state of interfaces which have been auto-configured
        (interfaces statically configured into a system but not located
        at boot-time are not shown).
-f address_family
        Limit statistics or address control block reports to those of the
        specified address_family.
        The following address families are recognized:

        Address Family    Constant        Description
        inet              AF_INET         IP Version 4
        inet6             AF_INET6        IP Version 6
        ipx               AF_IPX          Novell IPX
        atalk             AF_APPLETALK    AppleTalk
        encap             PF_KEY          IPsec
        local             AF_LOCAL        Local to Host (i.e., pipes)
        unix              AF_UNIX         Local to Host (i.e., pipes)

iperf

According to iperf(1):

iperf is a tool for performing network throughput measurements. It can
test either TCP or UDP throughput. To perform an iperf test the user
must establish both a server (to discard traffic) and a client (to
generate traffic).

systat

systat displays various system statistics in a screen-oriented fashion
using the curses(3) screen display library.
While systat is running, the screen is divided into different areas. The
top line displays the current number of users, the three system load
average figures over the last 1, 5, and 15 minute intervals, and the
system time. The bottom line of the screen is reserved for user input
and error messages. The information displayed in the rest of the screen
comprises a view, and is the main interface for displaying different
types of system statistics. The vmstat view is the default.